Change log for imagemagick package in Ubuntu

175 of 212 results
Published in cosmic-updates on 2019-06-25
Published in cosmic-security on 2019-06-25
imagemagick (8:6.9.10.8+dfsg-1ubuntu2.2) cosmic-security; urgency=medium

  * SECURITY UPDATE: multiple security issues
    - debian/patches/CVE-*.patch: backport multiple upstream commits.
    - CVE-2018-14434, CVE-2018-15607, CVE-2018-16323, CVE-2018-16412,
      CVE-2018-16413, CVE-2018-16644, CVE-2018-16645, CVE-2018-18023,
      CVE-2018-18024, CVE-2018-18025, CVE-2018-18544, CVE-2018-20467,
      CVE-2019-7175, CVE-2019-7395, CVE-2019-7396, CVE-2019-7397,
      CVE-2019-7398, CVE-2019-9956, CVE-2019-10649, CVE-2019-10650,
      CVE-2019-11470, CVE-2019-11472, CVE-2019-11597, CVE-2019-11598
  * SECURITY UPDATE: code execution vulnerabilities in ghostscript as
    invoked by imagemagick
    - debian/patches/200-disable-ghostscript-formats.patch: disable
      ghostscript handled types by default in policy.xml
    - debian/tests/rose-*: remove pdf tests.

 -- Marc Deslauriers <email address hidden>  Thu, 20 Jun 2019 13:36:46 -0400
Published in bionic-updates on 2019-06-25
Published in bionic-security on 2019-06-25
imagemagick (8:6.9.7.4+dfsg-16ubuntu6.7) bionic-security; urgency=medium

  [ Steve Beattie ]
  * SECURITY UPDATE: previous update did not correctly block
    encapsulated postscript (EPS) documents by default (LP: #1797647)
    - debian/patches/200-disable-ghostscript-formats.patch: correctly
      disable EPS files by default in policy.xml

  [ Marc Deslauriers ]
  * SECURITY UPDATE: multiple security issues
    - debian/patches/CVE-*.patch: backport multiple upstream commits.
    - CVE-2017-12805, CVE-2017-12806, CVE-2018-16412, CVE-2018-16413,
      CVE-2018-17965, CVE-2018-17966, CVE-2018-18016, CVE-2018-18024,
      CVE-2018-18025, CVE-2018-18544, CVE-2018-20467, CVE-2019-7175,
      CVE-2019-7395, CVE-2019-7396, CVE-2019-7397, CVE-2019-7398,
      CVE-2019-9956, CVE-2019-10131, CVE-2019-10650, CVE-2019-11470,
      CVE-2019-11472, CVE-2019-11597, CVE-2019-11598
   * debian/tests/rose-*: remove pdf tests.

 -- Marc Deslauriers <email address hidden>  Thu, 20 Jun 2019 13:38:05 -0400
Published in disco-updates on 2019-06-25
Published in disco-security on 2019-06-25
imagemagick (8:6.9.10.14+dfsg-7ubuntu2.2) disco-security; urgency=medium

  * SECURITY UPDATE: multiple security issues
    - debian/patches/CVE-*.patch: backport multiple upstream commits.
    - CVE-2018-20467, CVE-2019-7175, CVE-2019-7395, CVE-2019-7396,
      CVE-2019-7397, CVE-2019-7398, CVE-2019-9956, CVE-2019-10649,
      CVE-2019-10650, CVE-2019-11470, CVE-2019-11472, CVE-2019-11597,
      CVE-2019-11598
  * SECURITY UPDATE: code execution vulnerabilities in ghostscript as
    invoked by imagemagick
    - debian/patches/200-disable-ghostscript-formats.patch: disable
      ghostscript handled types by default in policy.xml
    - debian/tests/rose-*: remove pdf tests.

 -- Marc Deslauriers <email address hidden>  Thu, 20 Jun 2019 13:35:10 -0400
Published in eoan-release on 2019-06-21
Deleted in eoan-proposed (Reason: moved to release)
imagemagick (8:6.9.10.23+dfsg-2.1ubuntu3) eoan; urgency=medium

  * SECURITY UPDATE: code execution vulnerabilities in ghostscript as
    invoked by imagemagick
    - debian/patches/200-disable-ghostscript-formats.patch: disable
      ghostscript handled types by default in policy.xml
    - debian/tests/rose-*: remove pdf tests.

 -- Marc Deslauriers <email address hidden>  Thu, 20 Jun 2019 10:40:31 -0400
Published in xenial-updates on 2019-06-25
Published in xenial-security on 2019-06-25
imagemagick (8:6.8.9.9-7ubuntu5.14) xenial-security; urgency=medium

  * SECURITY UPDATE: multiple security issues
    - debian/patches/CVE-*.patch: backport multiple upstream commits.
    - CVE-2017-12805, CVE-2017-12806, CVE-2018-16412, CVE-2018-16413,
      CVE-2018-17965, CVE-2018-17966, CVE-2018-18016, CVE-2018-18024,
      CVE-2018-18025, CVE-2018-20467, CVE-2019-7175, CVE-2019-7396,
      CVE-2019-7397, CVE-2019-7398, CVE-2019-9956, CVE-2019-10131,
      CVE-2019-10650, CVE-2019-11470, CVE-2019-11472, CVE-2019-11597,
      CVE-2019-11598

 -- Marc Deslauriers <email address hidden>  Fri, 14 Jun 2019 13:58:31 -0400
Superseded in eoan-release on 2019-06-21
Deleted in eoan-proposed on 2019-06-22 (Reason: moved to release)
imagemagick (8:6.9.10.23+dfsg-2.1ubuntu2) eoan; urgency=medium

  * SECURITY UPDATE: multiple security issues
    - debian/patches/CVE-2019-*.patch: backport multiple upstream commits.
    - CVE-2019-7175, CVE-2019-7395, CVE-2019-7396, CVE-2019-7397,
      CVE-2019-7398, CVE-2019-10649, CVE-2019-11470, CVE-2019-11472,
      CVE-2019-11597, CVE-2019-11598

 -- Marc Deslauriers <email address hidden>  Wed, 12 Jun 2019 13:48:48 -0400
Superseded in eoan-release on 2019-06-15
Deleted in eoan-proposed on 2019-06-17 (Reason: moved to release)
imagemagick (8:6.9.10.23+dfsg-2.1ubuntu1) eoan; urgency=low

  * Merge from Debian unstable.  Remaining changes:
    - Drop dependency on libopenjp2-7-dev, which is needed for JPEG2000
      but is not in main.
    - demote libmagickcore-6.q16hdri-6-extra and libmagickcore-6.q16-6-extra
      Recommends on libjxr-tools to Suggests, as it is in universe.
    - Drop build-dependency on libheif-dev.

Superseded in eoan-release on 2019-05-08
Deleted in eoan-proposed on 2019-05-09 (Reason: moved to release)
imagemagick (8:6.9.10.23+dfsg-2ubuntu2) eoan; urgency=medium

  * Drop build-dependency on libheif-dev, which pulls an extensive tree
    of dependencies into main that we don't want to MIR.  LP: #1827442.

 -- Steve Langasek <email address hidden>  Mon, 06 May 2019 11:27:29 -0700
Superseded in eoan-proposed on 2019-05-06
imagemagick (8:6.9.10.23+dfsg-2ubuntu1) eoan; urgency=low

  * Merge from Debian unstable.  Remaining changes:
    - Drop dependency on libopenjp2-7-dev, which is needed for JPEG2000
      but is not in main. See bug 711061
    - demote libmagickcore-6.q16hdri-6-extra and libmagickcore-6.q16-6-extra
      Recommends on libjxr-tools to Suggests, as it is in universe.
  * Dropped changes, included in Debian:
    - Revert hidden ABI break by changing MagickFloatType's size on i386

Superseded in eoan-release on 2019-05-08
Published in disco-release on 2018-12-19
Deleted in disco-proposed (Reason: moved to release)
imagemagick (8:6.9.10.14+dfsg-7ubuntu2) disco; urgency=medium

  * Revert hidden ABI break by changing MagickFloatType's size on i386

 -- Balint Reczey <email address hidden>  Tue, 18 Dec 2018 20:12:23 +0100
Superseded in disco-proposed on 2018-12-19
imagemagick (8:6.9.10.14+dfsg-7ubuntu1) disco; urgency=medium

  * Sync with Debian. Remaining changes:
    - Drop dependency on libopenjp2-7-dev, which is needed for JPEG2000
      but is not in main. See bug 711061
    - demote libmagickcore-6.q16hdri-6-extra and libmagickcore-6.q16-6-extra
      Recommends on libjxr-tools to Suggests, as it is in universe.
  * Dropped changes:
    - Stop installing the Debian-specific .desktop for the display program.
      + 'imagemagick' is no longer installed by default for default Ubuntu
        so let's try dropping this change for now.
    - CVE-2017-15033.patch: patch applied in new release

Superseded in disco-proposed on 2018-11-13
imagemagick (8:6.9.10.14+dfsg-7) unstable; urgency=medium

  * Bug fix: "wrong Provides: libmagickcore-6.defaultquantum-dev,
    libmagickcore-dev (= 8:6.9.10.14+dfsg-5)", thanks to Helmut Grohne
    (Closes: #912833).

 -- Bastien Roucariès <email address hidden>  Sun, 04 Nov 2018 21:09:08 +0100
Superseded in disco-release on 2018-12-19
Deleted in disco-proposed on 2018-12-20 (Reason: moved to release)
imagemagick (8:6.9.10.8+dfsg-1ubuntu3) disco; urgency=medium

  * No-change rebuild for the perl 5.28 transition.

 -- Adam Conrad <email address hidden>  Fri, 02 Nov 2018 18:08:35 -0600
Published in trusty-updates on 2018-10-04
Published in trusty-security on 2018-10-04
imagemagick (8:6.7.7.10-6ubuntu3.13) trusty-security; urgency=medium

  [ Steve Beattie ]
  * SECURITY UPDATE: code execution vulnerabilities in ghostscript as
    invoked by imagemagick
    - debian/patches/200-disable-ghostscript-formats.patch: disable
      ghostscript handled types by default in policy.xml
  * SECURITY UPDATE: information leak in ReadXBMImage
    - debian/patches/CVE-2018-16323.patch: don't leave data
      uninitialized with negative pixels
    - CVE-2018-16323
  * SECURITY UPDATE: memory leak of colormap in WriteMPCImage
    - debian/patches/CVE-2018-14434.patch: free colormap on bad
      color depth
    - CVE-2018-14434
  * SECURITY UPDATE: memory leak in DecodeImage
    - debian/patches/CVE-2018-14435.patch: free memory when given a
      bad plane
    - CVE-2018-14435
  * SECURITY UPDATE: memory leak in ReadMIFFImage
    - debian/patches/CVE-2018-14436.patch: free memory when given a bad
      depth
    - CVE-2018-14436
  * SECURITY UPDATE: memory leak in parse8BIM
    - debian/patches/CVE-2018-14437-prereq.patch: check for negative
      values
    - debian/patches/CVE-2018-14437.patch: free strings in error
      conditions
    - CVE-2018-14437
  * SECURITY UPDATE: memory leak in ReadOneJNGImage
    - debian/patches/CVE-2018-16640-prereq-1.patch: define DestroyJNG()
    - debian/patches/CVE-2018-16640-prereq-2.patch: fix DestroyJNG()
    - debian/patches/CVE-2018-16640.patch: free memory on error
    - CVE-2018-16640
  * SECURITY UPDATE: denial of service due to out-of-bounds write
    in InsertRow
    - debian/patches/CVE-2018-16642.patch: improve checking for errors
    - CVE-2018-16642
  * SECURITY UPDATE: denial of service due to missing fputc checks
    - debian/patches/CVE-2018-16643.patch: check fputc calls for error
    - CVE-2018-16643
  * SECURITY UPDATE: denial of service in ReadDCMImage and
    ReadPICTImage
    - debian/patches/CVE-2018-16644-prereq-1.patch: make
      ReadRectangle() a boolean returning function and use it.
    - debian/patches/CVE-2018-16644-prereq-2.patch: check for EOF
      when reading from file
    - debian/patches/CVE-2018-16644-prereq-3.patch: define
      ThrowPICTException() macro and use it
    - debian/patches/CVE-2018-16644-1.patch,
      debian/patches/CVE-2018-16644-2.patch: check for invalid length
    - CVE-2018-16644
  * SECURITY UPDATE: excessive memory allocation issue in ReadBMPImage
    - debian/patches/CVE-2018-16645.patch: ensure number_colors is
      not too large
    - CVE-2018-16645
  * SECURITY UPDATE: denial of service in ReadOneJNGImage
    - debian/patches/CVE-2018-16749.patch; check for NULL color_image
    - CVE-2018-16749
  * SECURITY UPDATE: memory leak in formatIPTCfromBuffer
    - debian/patches/CVE-2018-16750.patch: free memory on error
    - CVE-2018-16750

  [ Marc Deslauriers ]
  * SECURITY REGRESSION: segfault in png to gif conversion (LP: #1793485)
    - debian/patches/0297-CVE-2017-13144.patch: removed pending further
      investigation.
    - debian/patches/CVE-2017-12430.patch: refreshed.

 -- Steve Beattie <email address hidden>  Fri, 28 Sep 2018 11:21:01 -0700
Superseded in xenial-updates on 2019-06-25
Superseded in xenial-security on 2019-06-25
imagemagick (8:6.8.9.9-7ubuntu5.13) xenial-security; urgency=medium

  [ Steve Beattie ]
  * SECURITY UPDATE: code execution vulnerabilities in ghostscript as
    invoked by imagemagick
    - debian/patches/200-disable-ghostscript-formats.patch: disable
      ghostscript handled types by default in policy.xml
  * SECURITY UPDATE: information leak in ReadXBMImage
    - debian/patches/CVE-2018-16323.patch: don't leave data
      uninitialized with negative pixels
    - CVE-2018-16323
  * SECURITY UPDATE: memory leak of colormap in WriteMPCImage
    - debian/patches/CVE-2018-14434.patch: free colormap on bad
      color depth
    - CVE-2018-14434
  * SECURITY UPDATE: memory leak in DecodeImage
    - debian/patches/CVE-2018-14435.patch: free memory when given a
      bad plane
    - CVE-2018-14435
  * SECURITY UPDATE: memory leak in ReadMIFFImage
    - debian/patches/CVE-2018-14436.patch: free memory when given a
      bad depth
    - CVE-2018-14436
  * SECURITY UPDATE: memory leak in parse8BIM
    - debian/patches/CVE-2018-14437-prereq.patch: check for negative
      values
    - debian/patches/CVE-2018-14437.patch: free strings in error
      conditions
    - CVE-2018-14437
  * SECURITY UPDATE: memory leak in ReadOneJNGImage
    - debian/patches/CVE-2018-16640-prereq-1.patch: define DestroyJNG()
    - debian/patches/CVE-2018-16640-prereq-2.patch: fix DestroyJNG()
    - debian/patches/CVE-2018-16640.patch: free memory on error
    - CVE-2018-16640
  * SECURITY UPDATE: denial of service due to out-of-bounds write
    in InsertRow
    - debian/patches/CVE-2018-16642.patch: improve checking for errors
    - CVE-2018-16642
  * SECURITY UPDATE: denial of service due to missing fputc checks
    - debian/patches/CVE-2018-16643.patch: check fputc calls for error
    - CVE-2018-16643
  * SECURITY UPDATE: denial of service in ReadDCMImage and
    ReadPICTImage
    - debian/patches/CVE-2018-16644-prereq-1.patch: check for EOF
      when reading from file
    - debian/patches/CVE-2018-16644-prereq-2.patch: define
      ThrowPICTException() macro and use it
    - debian/patches/CVE-2018-16644-1.patch,
      debian/patches/CVE-2018-16644-2.patch: check for invalid length
    - CVE-2018-16644
  * SECURITY UPDATE: excessive memory allocation issue in ReadBMPImage
    - debian/patches/CVE-2018-16645.patch: ensure number_colors is
      not too large
    - CVE-2018-16645
  * SECURITY UPDATE: denial of service in ReadOneJNGImage
    - debian/patches/CVE-2018-16749.patch; check for NULL color_image
    - CVE-2018-16749
  * SECURITY UPDATE: memory leak in formatIPTCfromBuffer
    - debian/patches/CVE-2018-16750.patch: free memory on error
    - CVE-2018-16750

  [ Marc Deslauriers ]
  * SECURITY REGRESSION: segfault in png to gif conversion (LP: #1793485)
    - debian/patches/0261-CVE-2017-13144.patch: removed pending
      further investigation.
    - debian/patches/CVE-2017-12430.patch: refreshed.

 -- Steve Beattie <email address hidden>  Fri, 28 Sep 2018 11:19:54 -0700
Superseded in bionic-updates on 2019-06-25
Superseded in bionic-security on 2019-06-25
imagemagick (8:6.9.7.4+dfsg-16ubuntu6.4) bionic-security; urgency=medium

  * SECURITY UPDATE: code execution vulnerabilities in ghostscript as
    invoked by imagemagick
    - debian/patches/200-disable-ghostscript-formats.patch: disable
      ghostscript handled types by default in policy.xml
  * SECURITY UPDATE: information leak in ReadXBMImage
    - debian/patches/CVE-2018-16323.patch: don't leave data
      uninitialized with negative pixels
    - CVE-2018-16323
  * SECURITY UPDATE: uninitialized variable usage in ReadMATImageV4
    - debian/patches/CVE-2018-14551.patch: initialize variable
    - CVE-2018-14551
  * SECURITY UPDATE: memory leak of colormap in WriteMPCImage
    - debian/patches/CVE-2018-14434.patch: free colormap on bad
      color depth
    - CVE-2018-14434
  * SECURITY UPDATE: memory leak in DecodeImage
    - debian/patches/CVE-2018-14435.patch: free memory when given a
      bad plane
    - CVE-2018-14435
  * SECURITY UPDATE: memory leak in ReadMIFFImage
    - debian/patches/CVE-2018-14436.patch: free memory when given a
      bad depth
    - CVE-2018-14436
  * SECURITY UPDATE: memory leak in parse8BIM
    - debian/patches/CVE-2018-14437.patch: free strings in error
      conditions
    - CVE-2018-14437
  * SECURITY UPDATE: memory leak in ReadOneJNGImage
    - debian/patches/CVE-2018-16640.patch: free memory on error
    - CVE-2018-16640
  * SECURITY UPDATE: denial of service due to out-of-bounds write
    in InsertRow
    - debian/patches/CVE-2018-16642.patch: improve checking for errors
    - CVE-2018-16642
  * SECURITY UPDATE: denial of service due to missing fputc checks
    - debian/patches/CVE-2018-16643.patch: check fputc calls for error
    - CVE-2018-16643
  * SECURITY UPDATE: denial of service in ReadDCMImage and
    ReadPICTImage
    - debian/patches/CVE-2018-16644-prereq-1.patch: define
      ThrowPICTException() macro and use it
    - debian/patches/CVE-2018-16644-1.patch,
      debian/patches/CVE-2018-16644-2.patch: check for invalid length
    - CVE-2018-16644
  * SECURITY UPDATE: excessive memory allocation issue in ReadBMPImage
    - debian/patches/CVE-2018-16645.patch: ensure number_colors is
      not too large
    - CVE-2018-16645
  * SECURITY UPDATE: denial of service in ReadOneJNGImage
    - debian/patches/CVE-2018-16749.patch; check for NULL color_image
    - CVE-2018-16749
  * SECURITY UPDATE: memory leak in formatIPTCfromBuffer
    - debian/patches/CVE-2018-16750.patch: free memory on error
    - CVE-2018-16750

 -- Steve Beattie <email address hidden>  Fri, 28 Sep 2018 11:19:24 -0700
Superseded in disco-release on 2018-11-08
Published in cosmic-release on 2018-08-29
Deleted in cosmic-proposed (Reason: moved to release)
imagemagick (8:6.9.10.8+dfsg-1ubuntu2) cosmic; urgency=medium

  * Stop installing the Debian-specific .desktop for the display program.
    (LP: #1740741, LP: #1740743, LP: #1717951, LP: #1615435,
    Closes: #675617, #677318)

 -- Corey Bryant <email address hidden>  Tue, 28 Aug 2018 09:45:08 -0400
Superseded in cosmic-proposed on 2018-08-28
imagemagick (8:6.9.10.8+dfsg-1ubuntu1) cosmic; urgency=low

  * Merge from Debian unstable.  Remaining changes:
  * Merge from Debian unstable.  Remaining changes:
    - Drop dependency on libopenjp2-7-dev, which is needed for JPEG2000
      but is not in main.
    - demote libmagickcore-6.q16hdri-6-extra and libmagickcore-6.q16-6-extra
      Recommends on libjxr-tools to Suggests, as it is in universe.
    - CVE-2017-15033.patch: cherry-pick CVE patch from upstream

Superseded in cosmic-release on 2018-08-29
Deleted in cosmic-proposed on 2018-08-30 (Reason: moved to release)
imagemagick (8:6.9.10.2+dfsg-3ubuntu2) cosmic; urgency=low

  * Merge from Debian unstable.  Remaining changes:
    - Drop dependency on libopenjp2-7-dev, which is needed for JPEG2000
      but is not in main.
    - demote libmagickcore-6.q16hdri-6-extra and libmagickcore-6.q16-6-extra
      Recommends on libjxr-tools to Suggests, as it is in universe.
    - SECURITY UPDATE: memory leak in XMagickCommand
      - debian/patches/CVE-2018-13153.patch: free memory in magick/animate.c.
      - CVE-2018-13153
    - SECURITY UPDATE: Multiple security issues
      - debian/patches/CVE-201[78]*.patch: backport large number of upstream
        security patches. (Note: All patches except CVE-2017-15033 have landed
        upstream in 6.9.10.2).
      - CVE-2017-15033

Superseded in bionic-updates on 2018-10-04
Superseded in bionic-security on 2018-10-04
imagemagick (8:6.9.7.4+dfsg-16ubuntu6.3) bionic-security; urgency=medium

  * SECURITY UPDATE: out-of-bounds write in ReadBMPImage and WriteBMPImage
    - debian/patches/CVE-2018-12599.patch: use proper lengths in
      coders/bmp.c.
    - CVE-2018-12599
  * SECURITY UPDATE: out-of-bounds write in ReadDIBImage and WriteDIBImage
    - debian/patches/CVE-2018-12600.patch: use proper lengths in
      coders/dib.c.
    - CVE-2018-12600
  * SECURITY UPDATE: memory leak in XMagickCommand
    - debian/patches/CVE-2018-13153.patch: free memory in magick/animate.c.
    - CVE-2018-13153

 -- Marc Deslauriers <email address hidden>  Tue, 10 Jul 2018 10:09:07 -0400
Published in artful-updates on 2018-07-11
Published in artful-security on 2018-07-11
imagemagick (8:6.9.7.4+dfsg-16ubuntu2.3) artful-security; urgency=medium

  * SECURITY UPDATE: out-of-bounds write in ReadBMPImage and WriteBMPImage
    - debian/patches/CVE-2018-12599.patch: use proper lengths in
      coders/bmp.c.
    - CVE-2018-12599
  * SECURITY UPDATE: out-of-bounds write in ReadDIBImage and WriteDIBImage
    - debian/patches/CVE-2018-12600.patch: use proper lengths in
      coders/dib.c.
    - CVE-2018-12600
  * SECURITY UPDATE: memory leak in XMagickCommand
    - debian/patches/CVE-2018-13153.patch: free memory in magick/animate.c.
    - CVE-2018-13153

 -- Marc Deslauriers <email address hidden>  Tue, 10 Jul 2018 10:09:43 -0400
Superseded in xenial-updates on 2018-10-04
Superseded in xenial-security on 2018-10-04
imagemagick (8:6.8.9.9-7ubuntu5.12) xenial-security; urgency=medium

  * SECURITY UPDATE: out-of-bounds write in ReadBMPImage and WriteBMPImage
    - debian/patches/CVE-2018-12599.patch: use proper lengths in
      coders/bmp.c.
    - CVE-2018-12599
  * SECURITY UPDATE: out-of-bounds write in ReadDIBImage and WriteDIBImage
    - debian/patches/CVE-2018-12600.patch: use proper lengths in
      coders/dib.c.
    - CVE-2018-12600
  * SECURITY UPDATE: memory leak in XMagickCommand
    - debian/patches/CVE-2018-13153.patch: free memory in magick/animate.c.
    - CVE-2018-13153

 -- Marc Deslauriers <email address hidden>  Tue, 10 Jul 2018 10:10:29 -0400
Superseded in trusty-updates on 2018-10-04
Superseded in trusty-security on 2018-10-04
imagemagick (8:6.7.7.10-6ubuntu3.12) trusty-security; urgency=medium

  * SECURITY UPDATE: out-of-bounds write in ReadBMPImage and WriteBMPImage
    - debian/patches/CVE-2018-12599.patch: use proper lengths in
      coders/bmp.c.
    - CVE-2018-12599
  * SECURITY UPDATE: out-of-bounds write in ReadDIBImage and WriteDIBImage
    - debian/patches/CVE-2018-12600.patch: use proper lengths in
      coders/dib.c.
    - CVE-2018-12600
  * SECURITY UPDATE: memory leak in XMagickCommand
    - debian/patches/CVE-2018-13153.patch: free memory in magick/animate.c.
    - CVE-2018-13153

 -- Marc Deslauriers <email address hidden>  Tue, 10 Jul 2018 10:15:44 -0400
Superseded in cosmic-release on 2018-08-21
Deleted in cosmic-proposed on 2018-08-26 (Reason: moved to release)
imagemagick (8:6.9.7.4+dfsg-16ubuntu9) cosmic; urgency=medium

  * SECURITY UPDATE: out-of-bounds write in ReadBMPImage and WriteBMPImage
    - debian/patches/CVE-2018-12599.patch: use proper lengths in
      coders/bmp.c.
    - CVE-2018-12599
  * SECURITY UPDATE: out-of-bounds write in ReadDIBImage and WriteDIBImage
    - debian/patches/CVE-2018-12600.patch: use proper lengths in
      coders/dib.c.
    - CVE-2018-12600
  * SECURITY UPDATE: memory leak in XMagickCommand
    - debian/patches/CVE-2018-13153.patch: free memory in magick/animate.c.
    - CVE-2018-13153

 -- Marc Deslauriers <email address hidden>  Tue, 10 Jul 2018 10:04:51 -0400
Superseded in cosmic-release on 2018-07-10
Deleted in cosmic-proposed on 2018-07-12 (Reason: moved to release)
imagemagick (8:6.9.7.4+dfsg-16ubuntu8) cosmic; urgency=medium

  * SECURITY UPDATE: Multiple security issues
    - debian/patches/CVE-201[78]*.patch: backport large number of upstream
      security patches.
    - CVE-2017-12140, CVE-2017-12418, CVE-2017-12433, CVE-2017-12644,
      CVE-2017-12674, CVE-2017-12691, CVE-2017-12692, CVE-2017-12693,
      CVE-2017-12875, CVE-2017-12877, CVE-2017-12983, CVE-2017-13058,
      CVE-2017-13059, CVE-2017-13060, CVE-2017-13061, CVE-2017-13062,
      CVE-2017-13131, CVE-2017-13134, CVE-2017-13758, CVE-2017-13768,
      CVE-2017-13769, CVE-2017-14060, CVE-2017-14172, CVE-2017-14173,
      CVE-2017-14174, CVE-2017-14175, CVE-2017-14224, CVE-2017-14249,
      CVE-2017-14325, CVE-2017-14326, CVE-2017-14341, CVE-2017-14342,
      CVE-2017-14343, CVE-2017-14400, CVE-2017-14505, CVE-2017-14531,
      CVE-2017-14532, CVE-2017-14533, CVE-2017-14607, CVE-2017-14624,
      CVE-2017-14625, CVE-2017-14626, CVE-2017-14682, CVE-2017-14684,
      CVE-2017-14739, CVE-2017-14741, CVE-2017-14989, CVE-2017-15015,
      CVE-2017-15016, CVE-2017-15017, CVE-2017-15032, CVE-2017-15033,
      CVE-2017-15217, CVE-2017-15218, CVE-2017-15277, CVE-2017-15281,
      CVE-2017-16546, CVE-2017-17499, CVE-2017-17504, CVE-2017-17680,
      CVE-2017-17681, CVE-2017-17682, CVE-2017-17879, CVE-2017-17881,
      CVE-2017-17882, CVE-2017-17884, CVE-2017-17885, CVE-2017-17886,
      CVE-2017-17887, CVE-2017-17914, CVE-2017-17934, CVE-2017-18008,
      CVE-2017-18022, CVE-2017-18027, CVE-2017-18028, CVE-2017-18029,
      CVE-2017-18209, CVE-2017-18211, CVE-2017-18251, CVE-2017-18252,
      CVE-2017-18254, CVE-2017-18271, CVE-2017-18273, CVE-2017-1000445,
      CVE-2017-1000476, CVE-2018-5246, CVE-2018-5247, CVE-2018-5248,
      CVE-2018-5357, CVE-2018-5358, CVE-2018-6405, CVE-2018-7443,
      CVE-2018-8804, CVE-2018-8960, CVE-2018-9133, CVE-2018-10177,
      CVE-2018-10804, CVE-2018-10805, CVE-2018-11251, CVE-2018-11625,
      CVE-2018-11655, CVE-2018-11656

 -- Marc Deslauriers <email address hidden>  Tue, 12 Jun 2018 07:49:24 -0400
Superseded in artful-updates on 2018-07-11
Superseded in artful-security on 2018-07-11
imagemagick (8:6.9.7.4+dfsg-16ubuntu2.2) artful-security; urgency=medium

  * SECURITY UPDATE: Multiple security issues
    - debian/patches/CVE-201[78]*.patch: backport large number of upstream
      security patches.
    - CVE-2017-12140, CVE-2017-12418, CVE-2017-12433, CVE-2017-12644,
      CVE-2017-12674, CVE-2017-12691, CVE-2017-12692, CVE-2017-12693,
      CVE-2017-12875, CVE-2017-12877, CVE-2017-12983, CVE-2017-13058,
      CVE-2017-13059, CVE-2017-13060, CVE-2017-13061, CVE-2017-13062,
      CVE-2017-13131, CVE-2017-13134, CVE-2017-13758, CVE-2017-13768,
      CVE-2017-13769, CVE-2017-14060, CVE-2017-14172, CVE-2017-14173,
      CVE-2017-14174, CVE-2017-14175, CVE-2017-14224, CVE-2017-14249,
      CVE-2017-14325, CVE-2017-14326, CVE-2017-14341, CVE-2017-14342,
      CVE-2017-14343, CVE-2017-14400, CVE-2017-14505, CVE-2017-14531,
      CVE-2017-14532, CVE-2017-14533, CVE-2017-14607, CVE-2017-14624,
      CVE-2017-14625, CVE-2017-14626, CVE-2017-14682, CVE-2017-14684,
      CVE-2017-14739, CVE-2017-14741, CVE-2017-14989, CVE-2017-15015,
      CVE-2017-15016, CVE-2017-15017, CVE-2017-15032, CVE-2017-15033,
      CVE-2017-15217, CVE-2017-15218, CVE-2017-15277, CVE-2017-15281,
      CVE-2017-16546, CVE-2017-17499, CVE-2017-17504, CVE-2017-17680,
      CVE-2017-17681, CVE-2017-17682, CVE-2017-17879, CVE-2017-17881,
      CVE-2017-17882, CVE-2017-17884, CVE-2017-17885, CVE-2017-17886,
      CVE-2017-17887, CVE-2017-17914, CVE-2017-17934, CVE-2017-18008,
      CVE-2017-18022, CVE-2017-18027, CVE-2017-18028, CVE-2017-18029,
      CVE-2017-18209, CVE-2017-18211, CVE-2017-18251, CVE-2017-18252,
      CVE-2017-18254, CVE-2017-18271, CVE-2017-18273, CVE-2017-1000445,
      CVE-2017-1000476, CVE-2018-5246, CVE-2018-5247, CVE-2018-5248,
      CVE-2018-5357, CVE-2018-5358, CVE-2018-6405, CVE-2018-7443,
      CVE-2018-8804, CVE-2018-8960, CVE-2018-9133, CVE-2018-10177,
      CVE-2018-10804, CVE-2018-10805, CVE-2018-11251, CVE-2018-11625,
      CVE-2018-11655, CVE-2018-11656

 -- Marc Deslauriers <email address hidden>  Thu, 07 Jun 2018 19:56:33 -0400
Superseded in bionic-updates on 2018-07-11
Superseded in bionic-security on 2018-07-11
imagemagick (8:6.9.7.4+dfsg-16ubuntu6.2) bionic-security; urgency=medium

  * SECURITY UPDATE: Multiple security issues
    - debian/patches/CVE-201[78]*.patch: backport large number of upstream
      security patches.
    - CVE-2017-12140, CVE-2017-12418, CVE-2017-12433, CVE-2017-12644,
      CVE-2017-12674, CVE-2017-12691, CVE-2017-12692, CVE-2017-12693,
      CVE-2017-12875, CVE-2017-12877, CVE-2017-12983, CVE-2017-13058,
      CVE-2017-13059, CVE-2017-13060, CVE-2017-13061, CVE-2017-13062,
      CVE-2017-13131, CVE-2017-13134, CVE-2017-13758, CVE-2017-13768,
      CVE-2017-13769, CVE-2017-14060, CVE-2017-14172, CVE-2017-14173,
      CVE-2017-14174, CVE-2017-14175, CVE-2017-14224, CVE-2017-14249,
      CVE-2017-14325, CVE-2017-14326, CVE-2017-14341, CVE-2017-14342,
      CVE-2017-14343, CVE-2017-14400, CVE-2017-14505, CVE-2017-14531,
      CVE-2017-14532, CVE-2017-14533, CVE-2017-14607, CVE-2017-14624,
      CVE-2017-14625, CVE-2017-14626, CVE-2017-14682, CVE-2017-14684,
      CVE-2017-14739, CVE-2017-14741, CVE-2017-14989, CVE-2017-15015,
      CVE-2017-15016, CVE-2017-15017, CVE-2017-15032, CVE-2017-15033,
      CVE-2017-15217, CVE-2017-15218, CVE-2017-15277, CVE-2017-15281,
      CVE-2017-16546, CVE-2017-17499, CVE-2017-17504, CVE-2017-17680,
      CVE-2017-17681, CVE-2017-17682, CVE-2017-17879, CVE-2017-17881,
      CVE-2017-17882, CVE-2017-17884, CVE-2017-17885, CVE-2017-17886,
      CVE-2017-17887, CVE-2017-17914, CVE-2017-17934, CVE-2017-18008,
      CVE-2017-18022, CVE-2017-18027, CVE-2017-18028, CVE-2017-18029,
      CVE-2017-18209, CVE-2017-18211, CVE-2017-18251, CVE-2017-18252,
      CVE-2017-18254, CVE-2017-18271, CVE-2017-18273, CVE-2017-1000445,
      CVE-2017-1000476, CVE-2018-5246, CVE-2018-5247, CVE-2018-5248,
      CVE-2018-5357, CVE-2018-5358, CVE-2018-6405, CVE-2018-7443,
      CVE-2018-8804, CVE-2018-8960, CVE-2018-9133, CVE-2018-10177,
      CVE-2018-10804, CVE-2018-10805, CVE-2018-11251, CVE-2018-11625,
      CVE-2018-11655, CVE-2018-11656

 -- Marc Deslauriers <email address hidden>  Thu, 07 Jun 2018 11:19:48 -0400
Superseded in xenial-updates on 2018-07-11
Superseded in xenial-security on 2018-07-11
imagemagick (8:6.8.9.9-7ubuntu5.11) xenial-security; urgency=medium

  * SECURITY UPDATE: Multiple security issues
    - debian/patches/02*: synchronize security fixes with Debian's
      8:6.8.9.9-5+deb8u12 release. Thanks to Markus Koschany and
      Moritz Muehlenhoff for the excellent work this update is based on!
    - debian/patches/CVE-201[78]*.patch: backport large number of upstream
      security patches.
    - CVE-2017-10995, CVE-2017-11352, CVE-2017-11533, CVE-2017-11535,
      CVE-2017-11537, CVE-2017-11639, CVE-2017-11640, CVE-2017-12140,
      CVE-2017-12429, CVE-2017-12430, CVE-2017-12431, CVE-2017-12432,
      CVE-2017-12435, CVE-2017-12563, CVE-2017-12587, CVE-2017-12640,
      CVE-2017-12643, CVE-2017-12670, CVE-2017-12674, CVE-2017-12691,
      CVE-2017-12692, CVE-2017-12693, CVE-2017-12875, CVE-2017-12877,
      CVE-2017-12983, CVE-2017-13134, CVE-2017-13139, CVE-2017-13142,
      CVE-2017-13143, CVE-2017-13144, CVE-2017-13145, CVE-2017-13758,
      CVE-2017-13768, CVE-2017-13769, CVE-2017-14060, CVE-2017-14172,
      CVE-2017-14173, CVE-2017-14174, CVE-2017-14175, CVE-2017-14224,
      CVE-2017-14249, CVE-2017-14325, CVE-2017-14341, CVE-2017-14342,
      CVE-2017-14343, CVE-2017-14400, CVE-2017-14505, CVE-2017-14531,
      CVE-2017-14532, CVE-2017-14607, CVE-2017-14624, CVE-2017-14625,
      CVE-2017-14626, CVE-2017-14682, CVE-2017-14739, CVE-2017-14741,
      CVE-2017-14989, CVE-2017-15015, CVE-2017-15016, CVE-2017-15017,
      CVE-2017-15277, CVE-2017-15281, CVE-2017-16546, CVE-2017-17504,
      CVE-2017-17681, CVE-2017-17682, CVE-2017-17879, CVE-2017-17914,
      CVE-2017-18209, CVE-2017-18211, CVE-2017-18252, CVE-2017-18271,
      CVE-2017-18273, CVE-2017-1000445, CVE-2017-1000476, CVE-2018-5248,
      CVE-2018-7443, CVE-2018-8804, CVE-2018-8960, CVE-2018-9133,
      CVE-2018-10177, CVE-2018-11251

 -- Marc Deslauriers <email address hidden>  Fri, 08 Jun 2018 09:35:43 -0400
Superseded in trusty-updates on 2018-07-11
Superseded in trusty-security on 2018-07-11
imagemagick (8:6.7.7.10-6ubuntu3.11) trusty-security; urgency=medium

  * SECURITY UPDATE: Multiple security issues
    - debian/patches/*: synchronize security fixes with Debian's
      8:6.7.7.10-5+deb7u22 release. Thanks to Markus Koschany,
      Chris Lamb, and Roberto C. Sánchez for the excellent work this
      update is based on!
    - debian/patches/CVE-201[78]*.patch: backport large number of upstream
      security patches.
    - CVE-2017-10995, CVE-2017-11533, CVE-2017-11535, CVE-2017-11537,
      CVE-2017-11639, CVE-2017-11640, CVE-2017-12140, CVE-2017-12429,
      CVE-2017-12430, CVE-2017-12431, CVE-2017-12432, CVE-2017-12435,
      CVE-2017-12563, CVE-2017-12587, CVE-2017-12640, CVE-2017-12643,
      CVE-2017-12670, CVE-2017-12674, CVE-2017-12691, CVE-2017-12692,
      CVE-2017-12693, CVE-2017-12875, CVE-2017-12877, CVE-2017-12983,
      CVE-2017-13134, CVE-2017-13139, CVE-2017-13142, CVE-2017-13143,
      CVE-2017-13144, CVE-2017-13758, CVE-2017-13768, CVE-2017-13769,
      CVE-2017-14060, CVE-2017-14172, CVE-2017-14173, CVE-2017-14174,
      CVE-2017-14175, CVE-2017-14224, CVE-2017-14249, CVE-2017-14325,
      CVE-2017-14341, CVE-2017-14342, CVE-2017-14343, CVE-2017-14400,
      CVE-2017-14505, CVE-2017-14531, CVE-2017-14607, CVE-2017-14682,
      CVE-2017-14739, CVE-2017-14741, CVE-2017-14989, CVE-2017-15016,
      CVE-2017-15017, CVE-2017-15277, CVE-2017-15281, CVE-2017-16546,
      CVE-2017-17504, CVE-2017-17682, CVE-2017-17879, CVE-2017-17914,
      CVE-2017-18252, CVE-2017-18271, CVE-2017-18273, CVE-2017-1000445,
      CVE-2017-1000476, CVE-2018-7443, CVE-2018-8804, CVE-2018-8960,
      CVE-2018-10177, CVE-2018-11251

 -- Marc Deslauriers <email address hidden>  Fri, 08 Jun 2018 12:00:47 -0400
Superseded in cosmic-proposed on 2018-06-12
imagemagick (8:6.9.7.4+dfsg-16ubuntu7) cosmic; urgency=medium

  * No-change rebuild against latest openexr

 -- Jeremy Bicha <email address hidden>  Fri, 11 May 2018 14:08:53 -0400
Superseded in cosmic-release on 2018-07-06
Published in bionic-release on 2018-04-07
Deleted in bionic-proposed (Reason: moved to release)
imagemagick (8:6.9.7.4+dfsg-16ubuntu6) bionic; urgency=medium

  * Stop installing the Debian-specific .desktop for the display program.
    (LP: #1740741, LP: #1740743, LP: #1717951, LP: #1615435,
    Closes: #675617, #677318)

 -- Jeremy Bicha <email address hidden>  Fri, 06 Apr 2018 09:20:04 -0400
Superseded in bionic-release on 2018-04-07
Deleted in bionic-proposed on 2018-04-08 (Reason: moved to release)
imagemagick (8:6.9.7.4+dfsg-16ubuntu5) bionic; urgency=medium

  * libmagickcore-6.q16-dev, libmagickcore-6.q16hdri-dev: Remove dependency on
    libgraphviz-dev, was already removed as a build dependency.

 -- Matthias Klose <email address hidden>  Sat, 16 Dec 2017 02:17:20 +0100
Superseded in bionic-release on 2017-12-16
Deleted in bionic-proposed on 2017-12-17 (Reason: moved to release)
imagemagick (8:6.9.7.4+dfsg-16ubuntu4) bionic; urgency=medium

  * libmagickcore-6.q16-dev: Remove dependency on libgraphviz-dev,
    was already removed as a build dependency.

 -- Matthias Klose <email address hidden>  Fri, 15 Dec 2017 10:05:49 +0100
Superseded in bionic-release on 2017-12-15
Deleted in bionic-proposed on 2017-12-16 (Reason: moved to release)
imagemagick (8:6.9.7.4+dfsg-16ubuntu3) bionic; urgency=medium

  * No-change rebuild against perlapi-5.26.1

 -- Steve Langasek <email address hidden>  Thu, 02 Nov 2017 05:35:26 +0000
Superseded in bionic-release on 2017-11-22
Published in artful-release on 2017-08-10
Deleted in artful-proposed (Reason: moved to release)
imagemagick (8:6.9.7.4+dfsg-16ubuntu2) artful; urgency=medium

  * No-change rebuild for GCC 7 abi mangling change.

 -- Matthias Klose <email address hidden>  Mon, 07 Aug 2017 15:21:52 +0000
Superseded in artful-proposed on 2017-08-07
imagemagick (8:6.9.7.4+dfsg-16ubuntu1) artful; urgency=low

  * Merge from Debian unstable.  Remaining changes:
    - Drop dependency on libopenjp2-7-dev, which is needed for JPEG2000
      but is not in main.
    - demote libmagickcore-6.q16hdri-3-extra and libmagickcore-6.q16-3-extra
      Recommends on libjxr-tools to Suggests, as it is in universe.

 -- Gianfranco Costamagna <email address hidden>  Thu, 03 Aug 2017 14:54:15 +0200
Superseded in xenial-updates on 2018-06-12
Superseded in xenial-security on 2018-06-12
imagemagick (8:6.8.9.9-7ubuntu5.9) xenial-security; urgency=medium

  * SECURITY REGRESSION: image composite function regression (LP: #1707015)
    - disabled the following patches which cause issue:
      0224-Ensure-token-does-not-overflow.patch,
      0225-Fix-off-by-one-error-when-checking-token-length.patch,
      0226-Use-proper-cast.patch.

 -- Marc Deslauriers <email address hidden>  Fri, 28 Jul 2017 14:22:17 -0400
Superseded in artful-proposed on 2017-08-03
imagemagick (8:6.9.7.4+dfsg-15ubuntu1) artful; urgency=low

  * Merge from Debian unstable.  Remaining changes:
    - Drop dependency on libopenjp2-7-dev, which is needed for JPEG2000
      but is not in main.
    - demote libmagickcore-6.q16hdri-3-extra and libmagickcore-6.q16-3-extra
      Recommends on libjxr-tools to Suggests, as it is in universe.

 -- Gianfranco Costamagna <email address hidden>  Mon, 31 Jul 2017 14:55:21 +0200
Superseded in trusty-updates on 2018-06-12
Superseded in trusty-security on 2018-06-12
imagemagick (8:6.7.7.10-6ubuntu3.9) trusty-security; urgency=medium

  * SECURITY REGRESSION: image composite function regression (LP: #1707015)
    - disabled the following patches which cause issue:
      0224-Ensure-token-does-not-overflow.patch,
      0225-Fix-off-by-one-error-when-checking-token-length.patch,
      0226-Use-proper-cast.patch.

 -- Marc Deslauriers <email address hidden>  Mon, 31 Jul 2017 07:24:18 -0400
Superseded in artful-proposed on 2017-07-31
imagemagick (8:6.9.7.4+dfsg-14ubuntu2) artful; urgency=medium

  * Fix build, due to bad patch

 -- Gianfranco Costamagna <email address hidden>  Sat, 29 Jul 2017 12:12:32 +0200
Superseded in artful-proposed on 2017-07-29
imagemagick (8:6.9.7.4+dfsg-14ubuntu1) artful; urgency=low

  * Merge from Debian unstable.  Remaining changes:
    - Drop dependency on libopenjp2-7-dev, which is needed for JPEG2000
      but is not in main.
    - demote libmagickcore-6.q16hdri-3-extra and libmagickcore-6.q16-3-extra
      Recommends on libjxr-tools to Suggests, as it is in universe.

 -- Gianfranco Costamagna <email address hidden>  Sat, 29 Jul 2017 11:22:46 +0200
Superseded in artful-proposed on 2017-07-29
imagemagick (8:6.9.7.4+dfsg-13ubuntu1) artful; urgency=low

  * Merge from Debian unstable.  Remaining changes:
    - Drop dependency on libopenjp2-7-dev, which is needed for JPEG2000
      but is not in main.
    - demote libmagickcore-6.q16hdri-3-extra and libmagickcore-6.q16-3-extra
      Recommends on libjxr-tools to Suggests, as it is in universe.

Superseded in artful-proposed on 2017-07-28
imagemagick (8:6.9.7.4+dfsg-12ubuntu2) artful; urgency=medium

  * No-change rebuild for perl 5.26.0.

 -- Matthias Klose <email address hidden>  Wed, 26 Jul 2017 20:03:07 +0000
Superseded in trusty-updates on 2017-07-31
Superseded in trusty-security on 2017-07-31
imagemagick (8:6.7.7.10-6ubuntu3.8) trusty-security; urgency=medium

  * SECURITY UPDATE: multiple security issues
    - debian/patches/*: synchronize security fixes with Debian's
      8:6.8.9.9-5+deb8u10 release. Once again, thanks to Bastien Roucariès
      for the excellent work this update is based on!
    - CVE-2017-9261, CVE-2017-9262, CVE-2017-9405, CVE-2017-9407,
      CVE-2017-9409, CVE-2017-9439, CVE-2017-9501, CVE-2017-10928,
      CVE-2017-11141, CVE-2017-11170, CVE-2017-11188, CVE-2017-11352,
      CVE-2017-11360, CVE-2017-11448, CVE-2017-11449, CVE-2017-11450,
      CVE-2017-11478

 -- Marc Deslauriers <email address hidden>  Fri, 21 Jul 2017 09:58:43 -0400
Superseded in xenial-updates on 2017-07-31
Superseded in xenial-security on 2017-07-31
imagemagick (8:6.8.9.9-7ubuntu5.8) xenial-security; urgency=medium

  * SECURITY UPDATE: multiple security issues
    - debian/patches/*: synchronize security fixes with Debian's
      8:6.8.9.9-5+deb8u10 release. Once again, thanks to Bastien Roucariès
      for the excellent work this update is based on!
    - CVE-2017-9261, CVE-2017-9262, CVE-2017-9405, CVE-2017-9407,
      CVE-2017-9409, CVE-2017-9439, CVE-2017-9440, CVE-2017-9501,
      CVE-2017-10928, CVE-2017-11141, CVE-2017-11170, CVE-2017-11188,
      CVE-2017-11352, CVE-2017-11360, CVE-2017-11447, CVE-2017-11448,
      CVE-2017-11449, CVE-2017-11450, CVE-2017-11478

 -- Marc Deslauriers <email address hidden>  Fri, 21 Jul 2017 09:03:52 -0400
Obsolete in zesty-updates on 2018-06-22
Obsolete in zesty-security on 2018-06-22
imagemagick (8:6.9.7.4+dfsg-3ubuntu1.2) zesty-security; urgency=medium

  * SECURITY UPDATE: multiple security issues
    - debian/patches/*: synchronize security fixes with Debian's
      8:6.9.7.4+dfsg-12 release. Once again, thanks to Bastien Roucariès
      for the excellent work this update is based on!
    - CVE-2017-9261, CVE-2017-9262, CVE-2017-9405, CVE-2017-9407,
      CVE-2017-9409, CVE-2017-9439, CVE-2017-9440, CVE-2017-9501,
      CVE-2017-10928, CVE-2017-11141, CVE-2017-11170, CVE-2017-11188,
      CVE-2017-11352, CVE-2017-11360, CVE-2017-11447, CVE-2017-11448,
      CVE-2017-11449, CVE-2017-11450, CVE-2017-11478

 -- Marc Deslauriers <email address hidden>  Fri, 21 Jul 2017 08:30:46 -0400
Superseded in artful-release on 2017-08-10
Deleted in artful-proposed on 2017-08-11 (Reason: moved to release)
imagemagick (8:6.9.7.4+dfsg-12ubuntu1) artful; urgency=low

  * Merge from Debian unstable.  Remaining changes:
    - Drop dependency on libopenjp2-7-dev, which is needed for JPEG2000
      but is not in main.
    - demote libmagickcore-6.q16hdri-3-extra and libmagickcore-6.q16-3-extra
      Recommends on libjxr-tools to Suggests, as it is in universe.

 -- Gianfranco Costamagna <email address hidden>  Sat, 15 Jul 2017 22:17:06 +0200
Superseded in artful-release on 2017-07-16
Deleted in artful-proposed on 2017-07-17 (Reason: moved to release)
imagemagick (8:6.9.7.4+dfsg-11ubuntu1) artful; urgency=low

  * Merge from Debian unstable.  Remaining changes:
    - Drop dependency on libopenjp2-7-dev, which is needed for JPEG2000
      but is not in main.
    - demote libmagickcore-6.q16hdri-3-extra and libmagickcore-6.q16-3-extra
      Recommends on libjxr-tools to Suggests, as it is in universe.

 -- Gianfranco Costamagna <email address hidden>  Tue, 06 Jun 2017 11:04:42 +0200
Superseded in artful-release on 2017-06-07
Deleted in artful-proposed on 2017-06-09 (Reason: moved to release)
imagemagick (8:6.9.7.4+dfsg-10ubuntu1) artful; urgency=low

  * Merge from Debian unstable.  Remaining changes:
    - Drop dependency on libopenjp2-7-dev, which is needed for JPEG2000
      but is not in main.
    - demote libmagickcore-6.q16hdri-3-extra and libmagickcore-6.q16-3-extra
      Recommends on libjxr-tools to Suggests, as it is in universe.

 -- Gianfranco Costamagna <email address hidden>  Sat, 03 Jun 2017 11:17:10 +0200
Superseded in artful-release on 2017-06-03
Deleted in artful-proposed on 2017-06-04 (Reason: moved to release)
imagemagick (8:6.9.7.4+dfsg-9ubuntu1) artful; urgency=medium

  * Merge from Debian unstable. Remaining changes:
    - Drop dependency on libopenjp2-7-dev, which is needed for JPEG2000
      but is not in main.
    - demote libmagickcore-6.q16hdri-3-extra and libmagickcore-6.q16-3-extra
      Recommends on libjxr-tools to Suggests, as it is in universe.

Superseded in zesty-updates on 2017-07-24
Superseded in zesty-security on 2017-07-24
imagemagick (8:6.9.7.4+dfsg-3ubuntu1.1) zesty-security; urgency=medium

  * SECURITY UPDATE: multiple security issues
    - debian/patches/*: synchronize security fixes with Debian's
      8:6.9.7.4+dfsg-8 and 8:6.8.9.9-5+deb8u9 releases. Once again, thanks
      to Bastien Roucariès for the excellent work this update is based on!
    - CVE-2017-7606, CVE-2017-7619, CVE-2017-7941, CVE-2017-7942,
      CVE-2017-7943, CVE-2017-8343, CVE-2017-8344, CVE-2017-8345,
      CVE-2017-8346, CVE-2017-8347, CVE-2017-8348, CVE-2017-8349,
      CVE-2017-8350, CVE-2017-8351, CVE-2017-8352, CVE-2017-8353,
      CVE-2017-8354, CVE-2017-8355, CVE-2017-8356, CVE-2017-8357,
      CVE-2017-8765, CVE-2017-8830, CVE-2017-9098, CVE-2017-9141,
      CVE-2017-9142, CVE-2017-9143, CVE-2017-9144

 -- Marc Deslauriers <email address hidden>  Fri, 26 May 2017 11:02:11 -0400
Superseded in trusty-updates on 2017-07-24
Superseded in trusty-security on 2017-07-24
imagemagick (8:6.7.7.10-6ubuntu3.7) trusty-security; urgency=medium

  * SECURITY UPDATE: multiple security issues
    - debian/patches/*: synchronize security fixes with Debian's
      8:6.8.9.9-5+deb8u9 release. Once again, thanks to Bastien Roucariès
      for the excellent work this update is based on!
    - CVE-2017-7606, CVE-2017-7619, CVE-2017-7941, CVE-2017-7943,
      CVE-2017-8343, CVE-2017-8344, CVE-2017-8345, CVE-2017-8346,
      CVE-2017-8347, CVE-2017-8348, CVE-2017-8349, CVE-2017-8350,
      CVE-2017-8351, CVE-2017-8352, CVE-2017-8353, CVE-2017-8354,
      CVE-2017-8355, CVE-2017-8356, CVE-2017-8357, CVE-2017-8765,
      CVE-2017-8830, CVE-2017-9098, CVE-2017-9141, CVE-2017-9142,
      CVE-2017-9143, CVE-2017-9144

 -- Marc Deslauriers <email address hidden>  Fri, 26 May 2017 07:55:05 -0400
Superseded in xenial-updates on 2017-07-24
Superseded in xenial-security on 2017-07-24
imagemagick (8:6.8.9.9-7ubuntu5.7) xenial-security; urgency=medium

  * SECURITY UPDATE: multiple security issues
    - debian/patches/*: synchronize security fixes with Debian's
      8:6.8.9.9-5+deb8u9 release. Once again, thanks to Bastien Roucariès
      for the excellent work this update is based on!
    - CVE-2017-7606, CVE-2017-7619, CVE-2017-7941, CVE-2017-7943,
      CVE-2017-8343, CVE-2017-8344, CVE-2017-8345, CVE-2017-8346,
      CVE-2017-8347, CVE-2017-8348, CVE-2017-8349, CVE-2017-8350,
      CVE-2017-8351, CVE-2017-8352, CVE-2017-8353, CVE-2017-8354,
      CVE-2017-8355, CVE-2017-8356, CVE-2017-8357, CVE-2017-8765,
      CVE-2017-8830, CVE-2017-9098, CVE-2017-9141, CVE-2017-9142,
      CVE-2017-9143, CVE-2017-9144

 -- Marc Deslauriers <email address hidden>  Fri, 26 May 2017 07:53:43 -0400
Obsolete in yakkety-updates on 2018-01-23
Obsolete in yakkety-security on 2018-01-23
imagemagick (8:6.8.9.9-7ubuntu8.6) yakkety-security; urgency=medium

  * SECURITY UPDATE: multiple security issues
    - debian/patches/*: synchronize security fixes with Debian's
      8:6.8.9.9-5+deb8u9 release. Once again, thanks to Bastien Roucariès
      for the excellent work this update is based on!
    - CVE-2017-7606, CVE-2017-7619, CVE-2017-7941, CVE-2017-7943,
      CVE-2017-8343, CVE-2017-8344, CVE-2017-8345, CVE-2017-8346,
      CVE-2017-8347, CVE-2017-8348, CVE-2017-8349, CVE-2017-8350,
      CVE-2017-8351, CVE-2017-8352, CVE-2017-8353, CVE-2017-8354,
      CVE-2017-8355, CVE-2017-8356, CVE-2017-8357, CVE-2017-8765,
      CVE-2017-8830, CVE-2017-9098, CVE-2017-9141, CVE-2017-9142,
      CVE-2017-9143, CVE-2017-9144

 -- Marc Deslauriers <email address hidden>  Fri, 26 May 2017 07:47:08 -0400
Superseded in artful-release on 2017-05-30
Deleted in artful-proposed on 2017-06-01 (Reason: moved to release)
imagemagick (8:6.9.7.4+dfsg-6ubuntu2) artful; urgency=medium

  * Re-demote libjxr-tools Recommends to Suggests; dropped in merge.

 -- Adam Conrad <email address hidden>  Sat, 22 Apr 2017 17:40:34 -0600
Superseded in artful-release on 2017-04-23
Deleted in artful-proposed on 2017-04-24 (Reason: moved to release)
imagemagick (8:6.9.7.4+dfsg-6ubuntu1) artful; urgency=low

  * Merge from Debian unstable.  Remaining changes:
    - Drop dependency on libopenjp2-7-dev, which is needed for JPEG2000
      but is not in main (LP: #711061).
      + Regenerate d/control file with `debian/rules update_pkg`
    - demote libmagickcore-6.q16hdri-3-extra and libmagickcore-6.q16-3-extra
      Recommends on libjxr-tools to Suggests, as it is in universe.

 -- Gianfranco Costamagna <email address hidden>  Sat, 22 Apr 2017 14:48:26 +0200
Superseded in artful-release on 2017-04-22
Obsolete in zesty-release on 2018-06-22
Deleted in zesty-proposed on 2018-06-22 (Reason: moved to release)
imagemagick (8:6.9.7.4+dfsg-3ubuntu1) zesty; urgency=low

  * Merge from Debian unstable.  Remaining changes:
    - Drop dependency on libopenjp2-7-dev, which is needed for JPEG2000
      but is not in main (LP: #711061).
      + Regenerate d/control file with `debian/rules update_pkg`
    - demote libmagickcore-6.q16hdri-3-extra and libmagickcore-6.q16-3-extra
      Recommends on libjxr-tools to Suggests, as it is in universe.

 -- Gianfranco Costamagna <email address hidden>  Fri, 07 Apr 2017 23:25:27 +0200
Superseded in zesty-release on 2017-04-08
Deleted in zesty-proposed on 2017-04-09 (Reason: moved to release)
imagemagick (8:6.9.7.4+dfsg-2ubuntu3) zesty; urgency=medium

  * d/control: demote libmagickcore-6.q16hdri-3-extra Recommends on
    libjxr-tools to Suggests, as it is in universe.

 -- Nishanth Aravamudan <email address hidden>  Thu, 30 Mar 2017 15:55:12 -0700
Superseded in zesty-release on 2017-03-31
Deleted in zesty-proposed on 2017-04-01 (Reason: moved to release)
imagemagick (8:6.9.7.4+dfsg-2ubuntu2) zesty; urgency=medium

  * d/control: demote libmagickcore-6.q16-3-extra Recommends on
    libjxr-tools to Suggests, as it is in universe.

 -- Nishanth Aravamudan <email address hidden>  Thu, 30 Mar 2017 10:53:06 -0700
Published in precise-updates on 2017-03-14
Published in precise-security on 2017-03-14
imagemagick (8:6.6.9.7-5ubuntu3.9) precise-security; urgency=medium

  * SECURITY UPDATE: multiple security issues
    - debian/patches/*: synchronize security fixes with Debian's
      8:6.8.9.9-5+deb8u8 release. Once again, thanks to Bastien Roucariès
      for the excellent work this update is based on!
    - CVE-2017-6498, CVE-2017-6500

 -- Marc Deslauriers <email address hidden>  Tue, 14 Mar 2017 09:55:55 -0400
Superseded in trusty-updates on 2017-05-30
Superseded in trusty-security on 2017-05-30
imagemagick (8:6.7.7.10-6ubuntu3.6) trusty-security; urgency=medium

  * SECURITY UPDATE: multiple security issues
    - debian/patches/*: synchronize security fixes with Debian's
      8:6.8.9.9-5+deb8u8 release. Once again, thanks to Bastien Roucariès
      for the excellent work this update is based on!
    - CVE-2017-6498, CVE-2017-6500

 -- Marc Deslauriers <email address hidden>  Tue, 14 Mar 2017 09:23:56 -0400
Superseded in yakkety-updates on 2017-05-30
Superseded in yakkety-security on 2017-05-30
imagemagick (8:6.8.9.9-7ubuntu8.5) yakkety-security; urgency=medium

  * SECURITY UPDATE: multiple security issues
    - debian/patches/*: synchronize security fixes with Debian's
      8:6.8.9.9-5+deb8u8 release. Once again, thanks to Bastien Roucariès
      for the excellent work this update is based on!
    - CVE-2017-6498, CVE-2017-6499, CVE-2017-6500

 -- Marc Deslauriers <email address hidden>  Tue, 14 Mar 2017 09:00:07 -0400
Superseded in xenial-updates on 2017-05-30
Superseded in xenial-security on 2017-05-30
imagemagick (8:6.8.9.9-7ubuntu5.6) xenial-security; urgency=medium

  * SECURITY UPDATE: multiple security issues
    - debian/patches/*: synchronize security fixes with Debian's
      8:6.8.9.9-5+deb8u8 release. Once again, thanks to Bastien Roucariès
      for the excellent work this update is based on!
    - CVE-2017-6498, CVE-2017-6499, CVE-2017-6500

 -- Marc Deslauriers <email address hidden>  Tue, 14 Mar 2017 09:05:24 -0400
Superseded in xenial-updates on 2017-03-14
Superseded in xenial-security on 2017-03-14
imagemagick (8:6.8.9.9-7ubuntu5.5) xenial-security; urgency=medium

  * SECURITY UPDATE: multiple security issues
    - debian/patches/*: synchronize security fixes with Debian's
      8:6.8.9.9-5+deb8u7 release. Once again, thanks to Bastien Roucariès
      for the excellent work this update is based on!
    - CVE-2016-8707,  CVE-2016-10062, CVE-2016-10144, CVE-2016-10145,
      CVE-2016-10146, CVE-2017-5506,  CVE-2017-5507,  CVE-2017-5508,
      CVE-2017-5510,  CVE-2017-5511

 -- Marc Deslauriers <email address hidden>  Thu, 02 Mar 2017 14:59:46 -0500
Superseded in precise-updates on 2017-03-14
Superseded in precise-security on 2017-03-14
imagemagick (8:6.6.9.7-5ubuntu3.8) precise-security; urgency=medium

  * SECURITY UPDATE: multiple security issues
    - debian/patches/*: synchronize security fixes with Debian's
      8:6.8.9.9-5+deb8u7 release. Once again, thanks to Bastien Roucariès
      for the excellent work this update is based on!
    - CVE-2016-8707, CVE-2016-10062, CVE-2016-10144, CVE-2016-10145,
      CVE-2017-5506, CVE-2017-5507,  CVE-2017-5508,  CVE-2017-5510,
      CVE-2017-5511

 -- Marc Deslauriers <email address hidden>  Thu, 02 Mar 2017 15:19:35 -0500
Superseded in yakkety-updates on 2017-03-14
Superseded in yakkety-security on 2017-03-14
imagemagick (8:6.8.9.9-7ubuntu8.4) yakkety-security; urgency=medium

  * SECURITY UPDATE: multiple security issues
    - debian/patches/*: synchronize security fixes with Debian's
      8:6.8.9.9-5+deb8u7 release. Once again, thanks to Bastien Roucariès
      for the excellent work this update is based on!
    - CVE-2016-8707,  CVE-2016-10062, CVE-2016-10144, CVE-2016-10145,
      CVE-2016-10146, CVE-2017-5506,  CVE-2017-5507,  CVE-2017-5508,
      CVE-2017-5510,  CVE-2017-5511

 -- Marc Deslauriers <email address hidden>  Thu, 02 Mar 2017 14:40:30 -0500
Superseded in trusty-updates on 2017-03-14
Superseded in trusty-security on 2017-03-14
imagemagick (8:6.7.7.10-6ubuntu3.5) trusty-security; urgency=medium

  * SECURITY UPDATE: multiple security issues
    - debian/patches/*: synchronize security fixes with Debian's
      8:6.8.9.9-5+deb8u7 release. Once again, thanks to Bastien Roucariès
      for the excellent work this update is based on!
    - CVE-2016-8707,  CVE-2016-10062, CVE-2016-10144, CVE-2016-10145,
      CVE-2016-10146, CVE-2017-5506,  CVE-2017-5507,  CVE-2017-5508,
      CVE-2017-5510,  CVE-2017-5511

 -- Marc Deslauriers <email address hidden>  Thu, 02 Mar 2017 15:10:05 -0500
Superseded in xenial-updates on 2017-03-08
Superseded in xenial-security on 2017-03-08
imagemagick (8:6.8.9.9-7ubuntu5.4) xenial-security; urgency=medium

  * SECURITY REGRESSION: text coder issue (LP: #1589580)
    - debian/patches/fix_text_coder.patch: add extra check to coders/mvg.c,
      fix logic in coders/txt.c.

 -- Marc Deslauriers <email address hidden>  Wed, 22 Feb 2017 11:41:06 -0500
Superseded in precise-updates on 2017-03-08
Superseded in precise-security on 2017-03-08
imagemagick (8:6.6.9.7-5ubuntu3.7) precise-security; urgency=medium

  * SECURITY REGRESSION: test label regression (LP: #1646485)
    - debian/patches/0161-Do-not-ignore-SetImageBias-bias-value.patch:
      updated to fix bad backport.
    - debian/patches/0162-Suspend-exception-processing-if-there-are-too-many-e.patch:
      updated to apply cleanly.
  * SECURITY REGRESSION: text coder issue (LP: #1589580)
    - debian/patches/fix_text_coder.patch: add extra check to coders/mvg.c,
      fix logic in coders/txt.c.

 -- Marc Deslauriers <email address hidden>  Wed, 22 Feb 2017 10:08:13 -0500
Superseded in yakkety-updates on 2017-03-08
Superseded in yakkety-security on 2017-03-08
imagemagick (8:6.8.9.9-7ubuntu8.3) yakkety-security; urgency=medium

  * SECURITY REGRESSION: text coder issue (LP: #1589580)
    - debian/patches/fix_text_coder.patch: add extra check to coders/mvg.c,
      fix logic in coders/txt.c.

 -- Marc Deslauriers <email address hidden>  Wed, 22 Feb 2017 11:10:55 -0500
Superseded in trusty-updates on 2017-03-08
Superseded in trusty-security on 2017-03-08
imagemagick (8:6.7.7.10-6ubuntu3.4) trusty-security; urgency=medium

  * SECURITY REGRESSION: test label regression (LP: #1646485)
    - debian/patches/0161-Do-not-ignore-SetImageBias-bias-value.patch:
      updated to fix bad backport.
    - debian/patches/0162-Suspend-exception-processing-if-there-are-too-many-e.patch:
      updated to apply cleanly.
  * SECURITY REGRESSION: text coder issue (LP: #1589580)
    - debian/patches/fix_text_coder.patch: add extra check to coders/mvg.c,
      fix logic in coders/txt.c.

 -- Marc Deslauriers <email address hidden>  Wed, 22 Feb 2017 10:04:25 -0500
Superseded in zesty-release on 2017-03-30
Deleted in zesty-proposed on 2017-04-01 (Reason: moved to release)
imagemagick (8:6.9.7.0+dfsg-2ubuntu1) zesty; urgency=medium

  * Merge with Debian unstable (LP: #). Remaining changes:
    - Drop dependency on libopenjp2-7-dev, which is needed for JPEG2000
      but is not in main (LP #711061).
      + Regenerate d/control file with `debian/rules update_pkg`
  * Drop:
    - Properly clean-up quantum control file fragments from `debian/rules
      update_pkg`
    [ Fixed in Debian 8:6.9.7.0+dfsg-2 ]
    - debian/patches/0020-Revert-GradientImage-change.patch: Revert patch
      per https://github.com/ImageMagick/ImageMagick/issues/316.  Thanks
      to Cristy <email address hidden>.  Closes LP #1645406.
    [ Fixed upstream ]

 -- Nishanth Aravamudan <email address hidden>  Wed, 11 Jan 2017 17:10:01 -0800
Superseded in zesty-release on 2017-03-29
Deleted in zesty-proposed on 2017-04-07 (Reason: moved to release)
imagemagick (8:6.9.6.6+dfsg-1ubuntu3) zesty; urgency=medium

  * debian/patches/0020-Revert-GradientImage-change.patch: Revert patch
    per https://github.com/ImageMagick/ImageMagick/issues/316.  Thanks
    to Cristy <email address hidden>.  Closes LP: #1645406.

 -- Nishanth Aravamudan <email address hidden>  Tue, 06 Dec 2016 17:26:36 +0100
Superseded in precise-updates on 2017-02-22
Superseded in precise-security on 2017-02-22
imagemagick (8:6.6.9.7-5ubuntu3.6) precise-security; urgency=medium

  * SECURITY UPDATE: multiple security issues
    - debian/patches/*: backport security fixes from Debian's
      8:6.8.9.9-5+deb8u6 release. Once again, thanks to Bastien Roucariès
      for the excellent work this update is based on!
    - CVE-2016-7799, CVE-2016-8677, CVE-2016-8862, CVE-2016-9556

 -- Marc Deslauriers <email address hidden>  Tue, 29 Nov 2016 14:11:54 -0500
Superseded in trusty-updates on 2017-02-22
Superseded in trusty-security on 2017-02-22
imagemagick (8:6.7.7.10-6ubuntu3.3) trusty-security; urgency=medium

  * SECURITY UPDATE: multiple security issues
    - debian/patches/*: backport security fixes from Debian's
      8:6.8.9.9-5+deb8u6 release. Once again, thanks to Bastien Roucariès
      for the excellent work this update is based on!
    - CVE-2016-7799, CVE-2016-8677, CVE-2016-8862, CVE-2016-9556

 -- Marc Deslauriers <email address hidden>  Tue, 29 Nov 2016 09:48:17 -0500
175 of 212 results